Feeding your TRIRIGA information needs

What are some best practices for managing your security groups?

Out of the box, TRIRIGA comes with pre-defined groups based on various roles. You might be able to map one of your roles to an existing security group. But if you have a need to make additions to an existing group, then it would be best to copy the group that it closely resembles. Then you can modify it for your needs.

It is best to know what out-of-the-box groups offer and what your needs will be. Then you can determine if you can use an existing one or create a new one. If you need to remove or add access, it is a best practice to copy an existing group and make changes to the copy. This way, if something is not being granted correctly, you can refer to the out-of-the-box role to see if the problem still occurs.

It should also be noted that, if you have a user who might have multiple roles, you do not have to define one giant security group…

The exception to copying security groups is the Administrative group. This is a group that should not be copied…

If you do have a need to create your own security group, then it is best to first map out the access that you want it to have…

Another important note regarding managing your security groups is defining if they are specific to a specific organization or geography…

For more information regarding System Organization and System Geography, please check out this wiki about Security Groups.

After creating or modifying your security groups, it is a good practice to go into the Admin Console > Cache Manager and clear the Security Scope cache.